- Domain “nice.domain”
- script server “server1.nice.domain”
- Hyper-V hypervisor “hyperv1.nice.domain”
- all Windows Server 2012 R2
- script user “nice\script”
- script user is member of “Hyper-V Administrators” group on hyperv1.
- script user has the “Log on as a batch job” right on server1
Get-VM -Computername hyperv1
in a Powershell console window on server1 (which was started with “run as different user”) will show a nice list of VMs on the hypervisor.
PowerShell1Get-VM -Computername hyperv1
- other Hyper-V cmdlets seem to work, f.e.
PowerShell1Get-VMHost -Computername hyperv1
- Making the script user a member of the “Administrators” group on “server1” works, but that’s not good security.
- Adding the script user to the “Administrators” group on hyperv1 does not help
- It’s obviously a problem on server1, something stops Get-VM from working in a scheduled task.
Question: which rights or security settings are missing in Scenario 2?
If you have any ideas or even the solution, please try to comment below or tweet back here (@RicochetPeter). Thx in advance 🙂